Fix incorrect buffer length.

R=jochen@chromium.org
BUG=chromium:533243
LOG=N

Review URL: https://codereview.chromium.org/1356863002

Cr-Commit-Position: refs/heads/master@{#30830}

diff --git a/src/scanner-character-streams.cc b/src/scanner-character-streams.cc
index 7324de6f38fdb60e5262ac550abdb6afc0e555b5..a58f392c0cd6f4ad96df33f4e5aaf92f4cbd0dda 100644 (file)
--- a/src/scanner-character-streams.cc
+++ b/src/scanner-character-streams.cc
@@ -458,11 +458,11 @@ void ExternalStreamingStream::ResetToBookmark() {
 
   // bookmark_data_* => current_data_*
   // (current_data_ assumes ownership of its memory.)
-  uint8_t* data = new uint8_t[bookmark_data_.length() - bookmark_data_offset_];
   current_data_offset_ = 0;
   current_data_length_ = bookmark_data_.length() - bookmark_data_offset_;
+  uint8_t* data = new uint8_t[current_data_length_];
   CopyCharsUnsigned(data, bookmark_data_.begin() + bookmark_data_offset_,
-                    bookmark_data_.length());
+                    current_data_length_);
   delete[] current_data_;
   current_data_ = data;
   bookmark_data_is_from_current_data_ = true;